RHBA-2008:0310 - Bug Fix Advisory

Topic

An updated coreutils package that fixes several bugs is now available.

Description

The coreutils package contains the core GNU utilities. It is the
combination of the old GNU fileutils, sh-utils, and textutils packages.

This updated package fixes the following bugs:

• running the "apropos selinux" command did not list all of the tools

available for SELinux. In this updated package, several SELinux tools
including chcon have been added to the list. After updating, run the
"/usr/sbin/makewhatis" command as root to rebuild the whatis database.

• when running the cut command to search multiple files for a non-existent

field, for example "cut -f2- file1 file2", a core dump and a "*** glibc
detected *** cut: double free or corruption" error occurred. The
double-free bug has been resolved in this updated package. Note: this
issue only occurred if the "LC_ALL=C" environment variable was set.

• running simultaneous "rm -rf" commands on the root of a deep directory

could cause one of the rm commands to segfault.

• the "ls -lL" command displayed the full path of broken symbolic links.

For example, a broken symbolic linked named "symlink" in the "test"
directory would be displayed as "test/symlink".

• the du command did not count the size of unreadable sub-directories (ie

directories it did not have read and execute permissions to) into the
total. The total from the du command now includes the size of unreadable
sub-directories.

• on file systems that are not able to preserve security context, such

as NFS, the "cp -a" command would overwrite destination files, causing the
destination file size to be 0.

• the date command was unable to handle signed offset times. For example,

running the 'date -d "20071203 + 1 day" +%d' command returned "date:
invalid date `20071203 + 1 day'", instead of the next day, "04".

All users of coreutils are advised to upgrade to this updated package,
which resolves these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 217881 - command `apropos selinux` doesn't list all tools for selinux
• BZ - 235994 - rm can segfault when racing another rm to delete a directory
• BZ - 236721 - ls -lL displays dangling symlinks with full path
• BZ - 250087 - du doesn't report size of unreadable sub directories
• BZ - 320771 - cp -a overwrites destination file with size 0 while cp -dpR copies the file correctly on nfs mounted file system

CVEs

(none)

References

(none)